Snapchat settles with the FTC over allegedly misleading users

Snapchat has settled with the Federal Trade Commission over charges it deceived users into thinking their data on the media-sharing service disappeared, as well as charges it failed to secure its “Find Friends” feature.

Following a hack exposing 4.6 million users’ phone numbers, the FTC filed charges alleging Snapchat misled users about their data security and the nature of the "disappearing" messages. This settlement stems from those charges. There’s no financial component, so Snapchat doesn’t have to pay up, but if it violates the agreement, the company will have to pay a civil penalty of a maximum $16,000 per violation. This is good news for Snapchat users worried about the company’s spotty security record, since it now has a financial incentive to be good.

The original FTC complaint outlined the many different ways Snapchat users could save or recover snaps, illustrating that the company's claims that these communications were ephemeral were false.

“If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises,” FTC Chairwoman Edith Ramirez said in a statement. “Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action.”

Snapchat announced the settlement in a blog post. “While we were focused on building, some things didn’t get the attention they could have. One of those was being more precise with how we communicated with the Snapchat community,” the post reads. “This morning we entered into a consent decree with the FTC that addresses concerns raised by the commission. Even before today’s consent decree was announced, we had resolved most of those concerns over the past year by improving the wording of our privacy policy, app description, and in-app just-in-time notifications. And we continue to invest heavily in security and countermeasures to prevent abuse.”

CEO Evan Spiegel was cavalier in his initial round of apologies for his security breaches, so it is a good sign that the company is now admitting it overlooked crucial details. Security experts repeatedly warned Snapchat of its vulnerabilities in the months leading up to the hack, and were unhappy with the way Snapchat treated them and addressed the weaknesses they pointed out. Those may be the members of the “Snapchat community” the blog post mentions.